Forum Discussion

Will_Adams_1995's avatar
Will_Adams_1995
Icon for Nimbostratus rankNimbostratus
Aug 08, 2016

Multiple Logon Pages (APM) Reset Customisation

We use a custom view for a logon page through a macro on an Access Policy. The custom view changes the logon page to have (1) a single field for entry and (2) a different link that does a loop within the macro (part of our one time password configuration). The problem is that I am trying to add an AD query after this to prompt the user if their password is due to expire. The AD query doesn't present as the normal logon view and configuration is altered by this custom logon page. In order to resolve my issue, I need to add a normal logon page before the AD query to allow the logon page to "reset". The issue with doing this though is that there is user intervention required for them to click on the Logon button. Is there a way to (1) auto click the logon button or (2) reset the logon page via an iRule for example?

 

APM
apm logon page
application delivery
customisation
customization
devops
iRules
logon page

3 Replies

Sort By
  • Lucas_Thompson_'s avatar
    Lucas_Thompson_
    Historic F5 Account
    Aug 09, 2016

    I don't completely understand your workflow or what you're trying to do. But you can certainly use a client-side javascript command to behave as a mouse click, form submittal, or similar.

     

    Look up APM "Advanced Customization" where you can edit the HTML of the logon page (or anything else), and "click button javascript" on a site like Stack Overflow. Or find a frontend web developer in your organization who can assist.

     

  • Will_Adams_1995's avatar
    Will_Adams_1995
    Icon for Nimbostratus rankNimbostratus
    Aug 10, 2016

    Let me try and describe the workflow a bit better.

     

    We present the user with a logon page asking for username and password and RAS token. If the user doesn't have a RAS token, we have the workflow proceed down a SMS based OTP macro to use an SMS code to perform dual factor authentication. In order for this OTP to work another logon page object is used in the workflow as part of a macro. When this macro is called in the workflow, the logon page is presented but it is customised to (1) show a single field only (which is used for the OTP code) and (2) has the button modified to resend the SMS if it didn't get there in time (effectively does a loop of the macro for 3 times). Due to the OTP logon page being customised during the macro, the values of the form stay as they are. Subsequently when putting in an AD query into the workflow that happens after the OTP macro, the AD query shows the custom logon page from the OTP macro rather than what would normally appear for an AD query. In order for the AD query to work properly another default logon page needs to be added before the AD query to reset the forms variables. The problem with doing this is that the user is then presented with a Logon button to continue (which we don't want).

     

  • Lucas_Thompson_'s avatar
    Lucas_Thompson_
    Historic F5 Account
    Aug 10, 2016

    I see, thanks for the clarification.

     

    These multi logon page use cases can get kind of messy and complicated because of how APM handles these "incorrect authentication" rewind-back-to-last-used-logon-page issues. I'd suggest probably your best bet is to open a support ticket and provide your access policy to Support so they can analyze it more closely.